Lucene search
K
RedhatRecent

114833 matches found

RedHat Linux
RedHat Linux
•added 2026/06/17 9:22 a.m.•4 views

kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration

A flaw was found in the Linux kernel. A local attacker could exploit a deadlock vulnerability due to incorrect lock ordering between foliolock and immaprwsem when migrating hugetlb file-backed folios. This could lead to hung tasks and potential system-wide stalls, resulting in a Denial of Service...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 9:22 a.m.•6 views

kernel: macvlan: fix possible UAF in macvlan_forward_source()

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...

7.8CVSS5.3AI score0.00188EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 9:22 a.m.•4 views

kernel: nbd: defer config unlock in nbd_genl_connect

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

5.5AI score0.00165EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 9:22 a.m.•7 views

kernel: net: use dst_dev_rcu() in sk_setup_caps()

In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...

5.4AI score0.0017EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 9:22 a.m.•7 views

kernel: ipv6: use RCU in ip6_xmit()

A use-after-free flaw was found in ip6autoflowlabel in the Linux kernel's net/ipv6/ip6output.c code. In this flaw an attacker can cause a denial of service DoS attack...

5.3AI score0.00178EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 9:22 a.m.•13 views

Critical: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability...

9.8CVSS6.8AI score0.00563EPSS
Exploits4References25
RedHat Linux
RedHat Linux
•added 2026/06/17 9:22 a.m.•6 views

kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. A race condition exists in the SCTPSENDALL path where a cached list entry is not properly revalidated after the socket lock is temporarily released. This allows a local attacker or a remote attacker v...

7.8CVSS5.8AI score0.00104EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 9:22 a.m.•8 views

kernel: md/bitmap: fix GPF in write_page caused by resize race

A flaw was found in the Linux kernel's md/bitmap component. This vulnerability involves a use-after-free race condition that occurs during array resize operations. When the bitmapdaemonwork and bitmapresize functions execute concurrently, they can access memory pages that have already been freed...

4.7CVSS5.5AI score0.00091EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 9:22 a.m.•5 views

kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()

A flaw was found in the Linux kernel's IPv6 ICMP error generation. A remote attacker could send a specially crafted IPv4 ICMP error packet with a Common Internet Protocol Security Option CIPSO IP option. This could lead to incorrect handling of packet control block data when generating an IPv6 IC...

9.8CVSS5.5AI score0.00255EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 9:22 a.m.•5 views

kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets

A flaw was found in the Linux kernel's netfilter component. This vulnerability occurs because the eui64mt6 function, which processes IPv6 packets, does not properly validate the MAC header for all packets. Specifically, packets with a zero fragment offset could bypass an existing guard, allowing...

9.4CVSS5.4AI score0.00337EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 9:22 a.m.•6 views

kernel: netfilter: nf_tables: release flowtable after rcu grace period on error

A flaw was found in the Linux kernel's netfilter component, specifically within the nftables subsystem. An error in releasing a flowtable after an RCU Read-Copy-Update grace period could lead to a use-after-free vulnerability. This issue could expose the flowtable to the packet path and...

7.8CVSS5.8AI score0.00119EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 9:22 a.m.•17 views

kernel: Linux kernel: Denial of service and memory corruption in RDMA umad

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA umad User Mode Access Device component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...

7.8CVSS5.5AI score0.00125EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 9:22 a.m.•12 views

kernel: ALSA: aloop: Fix racy access at PCM trigger

In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop operations are...

7.8CVSS5.5AI score0.00113EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 9:22 a.m.•6 views

kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

7.8CVSS5.7AI score0.00145EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 9:22 a.m.•7 views

kernel: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex instead of RTNL to protect the multicast route list, so that it will not change while the driver periodically traverse...

5.4AI score0.00173EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 9:22 a.m.•5 views

kernel: ipv6: use RCU in ip6_output()

A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...

5.2AI score0.00193EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 9:22 a.m.•6 views

kernel: geneve: Fix use-after-free in geneve_find_dev().

A use-after-free vulnerability exists in the Linux kernel. When devnet is dismantled, the geneveexitbatchrtnl function calls unregisternetdevicequeue for each device in the network namespace. Later, when the device is freed, it is still linked to the backend UDP socket in the network namespace...

7.8CVSS7.3AI score0.00227EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 9:22 a.m.•6 views

kernel: sctp: fix a potential overflow in sctp_ifwdtsn_skip

In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctpifwdtsnskip Currently, when traversing ifwdtsn skips with sctpwalkifwdtsn, it only checks the pos against the end of the chunk. However, the data left for the last pos may be sizeofstruct...

7.8CVSS5.9AI score0.00155EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 9:7 a.m.•6 views

Important: Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.21.2

The 1.21.2 GA release of Red Hat OpenShift Pipelines Operator.. For more details see product documentation. The 1.21.2 release of Red Hat OpenShift Pipelines Operator...

8.5CVSS7.8AI score0.00788EPSS
Exploits1References4
RedHat Linux
RedHat Linux
•added 2026/06/17 8:59 a.m.•7 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.4AI score0.00558EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 8:59 a.m.•8 views

postgresql: PostgreSQL: Operating system account hijack via symlink following in pg_basebackup and pg_rewind

A flaw was found in PostgreSQL. This vulnerability, related to symlink following in pgbasebackup plain format and pgrewind, allows an origin superuser to overwrite local files. By exploiting this, an attacker could potentially hijack the operating system account. This attack has practical...

8.8CVSS5.6AI score0.00324EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 8:59 a.m.•6 views

postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite client stack memory

A flaw was found in PostgreSQL libpq. A server superuser can exploit a buffer overflow vulnerability in the PQfn function, which is used by client functions such as loexport, loread, lolseek64, and lotell64. This allows the superuser to send an arbitrarily large response, overwriting the client's...

8.8CVSS6.4AI score0.00464EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 8:59 a.m.•6 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 8:59 a.m.•8 views

Important: Red Hat Security Advisory: postgresql:16 security update

An update for the postgresql:16 module is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

8.8CVSS5.5AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 8:59 a.m.•10 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.34 bug fix and security update

Red Hat OpenShift Container Platform release 4.19.34 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a...

9.1CVSS6.4AI score0.01557EPSS
Exploits1References3
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•4 views

firefox: thunderbird: Sandbox escape in the Profile Backup component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the Profile Backup component...

9.8CVSS5.2AI score0.00313EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•4 views

firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...

6.5CVSS5.2AI score0.00244EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•5 views

firefox: Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...

8.8CVSS5.8AI score0.00332EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•5 views

firefox: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

8.1CVSS5.2AI score0.00372EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•5 views

firefox: Spoofing issue in the Form Autofill component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the Form Autofill component...

6.5CVSS5.2AI score0.00322EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•5 views

firefox: thunderbird: Privilege escalation in the DOM: Workers component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Workers component...

8.8CVSS5.2AI score0.00386EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•5 views

firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: Web Codecs component...

7.5CVSS5.2AI score0.0056EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•6 views

firefox: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component...

7.5CVSS5.2AI score0.00413EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•4 views

firefox: Information disclosure, sandbox escape in the Security: Process Sandboxing component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure, sandbox escape in the Security: Process Sandboxing component...

8.6CVSS5.2AI score0.00344EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•4 views

firefox: Sandbox escape due to use-after-free in the Disability Access APIs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to use-after-free in the Disability Access APIs component...

9.6CVSS5.2AI score0.00532EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•7 views

firefox: Same-origin policy bypass in the Networking: HTTP component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: HTTP component...

9.3CVSS5.2AI score0.00194EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•5 views

firefox: thunderbird: Other issue in the JavaScript Engine component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the JavaScript Engine component...

5.3CVSS5.2AI score0.00298EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•4 views

firefox: Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these...

8.8CVSS5.8AI score0.00429EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•7 views

firefox: Privilege escalation in the Security component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Security component...

8.8CVSS5.2AI score0.00307EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•4 views

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component...

9.6CVSS5.2AI score0.00417EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•6 views

firefox: Integer overflow in the Networking: JAR component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Networking: JAR component...

9.8CVSS5.3AI score0.00605EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•5 views

firefox: Incorrect boundary conditions, integer overflow in the Audio/Video component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Audio/Video component...

7.5CVSS5.3AI score0.00425EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•5 views

firefox: thunderbird: Use-after-free in the DOM: Bindings (WebIDL) component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Bindings WebIDL component...

7.3CVSS5.2AI score0.00413EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•8 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

9.8CVSS5.6AI score0.00605EPSS
Exploits0References20
RedHat Linux
RedHat Linux
•added 2026/06/17 8:14 a.m.•5 views

firefox: Privilege escalation in the Enterprise Policies component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Enterprise Policies component...

8.8CVSS5.2AI score0.00386EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 8:2 a.m.•7 views

postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite client stack memory

A flaw was found in PostgreSQL libpq. A server superuser can exploit a buffer overflow vulnerability in the PQfn function, which is used by client functions such as loexport, loread, lolseek64, and lotell64. This allows the superuser to send an arbitrarily large response, overwriting the client's...

8.8CVSS6.4AI score0.00464EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 8:2 a.m.•7 views

postgresql: PostgreSQL: Operating system account hijack via symlink following in pg_basebackup and pg_rewind

A flaw was found in PostgreSQL. This vulnerability, related to symlink following in pgbasebackup plain format and pgrewind, allows an origin superuser to overwrite local files. By exploiting this, an attacker could potentially hijack the operating system account. This attack has practical...

8.8CVSS5.6AI score0.00324EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 8:2 a.m.•5 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 8:2 a.m.•6 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.4AI score0.00558EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 8:2 a.m.•7 views

Important: Red Hat Security Advisory: postgresql:16 security update

An update for the postgresql:16 module is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

8.8CVSS5.5AI score0.00668EPSS
Exploits0References5
Total number of security vulnerabilities114833